package com.bdqn.redsi.config;

import com.bdqn.redsi.MyShiroRealm;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class ShiroConfig {
    @Bean
    public MyShiroRealm myShiroRealm() {//自定义的realm
        MyShiroRealm shiroRealm = new MyShiroRealm();
        return shiroRealm;
    }

    @Bean
    public SecurityManager securityManager() {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        //注入Realm
        securityManager.setRealm(myShiroRealm());
        return securityManager;
    }

    @Bean
    public ShiroFilterFactoryBean shiroFilterFactory(SecurityManager securityManager) {//Shiro过滤器:权限验证
        ShiroFilterFactoryBean shiroFilterFactory = new ShiroFilterFactoryBean();
        //注入SecurityManager
        shiroFilterFactory.setSecurityManager(securityManager);
        //权限验证:使用Filter控制资源(URL)的访问
        return shiroFilterFactory;
    }
}
